[imp] IMAP Connection Issue: "no auth attempts"

Alexander Lasley alasley at mail.redskylab.com
Thu Feb 12 00:59:51 UTC 2015 

On 02/11/2015 04:08 AM, Arjen de Korte wrote:
> Citeren Jan Schneider <jan at horde.org>:
>
>> Zitat von Alexander Lasley <alasley at mail.redskylab.com>:
>>
>>> After installing IMP, testing the IMAP connection via 
>>> /test.php?app=imp is successful; "Namespace Information" and "IMAP 
>>> server capabilities" are shown to me. However, connections through 
>>> the web interface fail. I have tried two different things:
>>>
>>> 1) Logging in to the mail account while logged in to Horde as the 
>>> default "Administrator" user. This fails and produces the message 
>>> "User Administrator is not authorized for Mail" in the logs. I 
>>> stopped here because this is ultimately not the way I intend to use 
>>> Horde/IMP anyway.
>>> 2) Using IMP as the application to handle authentication for Horde. 
>>> This fails and produces slightly more useful information in the logs.
>>>
>>> Web server information:
>>> CentOS 6.6
>>> nginx 1.0.15 installed via yum *
>>> php-fpm 5.4.37 installed via yum
>>> Horde 5.2.3 installed via PEAR
>>> IMP 6.2.7 installed via PEAR
>>>
>>> Mail server information:
>>> CentOS 6.6
>>> dovecot 2.0.9 installed via yum
>>>
>>> * I know that nginx isn't officially supported, but my issue does 
>>> not seem related to the web server; no relevant error messages are 
>>> showing up in nginx's log.
>>>
>>> I've replaced sensitive information in the logs with the following:
>>> Horde installed into the document root /path/to/horde
>>> Horde running on webmail.domain.tld with IP address xxx.xxx.xxx.xxx
>>> Dovecot/Postfix running on mail.domain.tld with IP address 
>>> yyy.yyy.yyy.yyy
>>> Attempting to log in as username at mail.domain.tld
>>> My personal IP zzz.zzz.zzz.zzz
>>>
>>> Dovecot logs:
>>> Feb 11 06:40:46 mail dovecot: auth: Debug: Loading modules from 
>>> directory: /usr/lib64/dovecot/auth
>>> ...
>>> Feb 11 06:40:46 mail dovecot: auth: Debug: auth client connected 
>>> (pid=20366)
>>> Feb 11 06:41:16 mail dovecot: imap-login: Disconnected (no auth 
>>> attempts): rip=xxx.xxx.xxx.xxx, lip=yyy.yyy.yyy.yyy, TLS 
>>> handshaking: Disconnected
>>>
>>> Horde logs:
>>> Feb 11 06:39:36 web-ln1 HORDE: [imp] [login] Error when 
>>> communicating with the mail server. [pid 3243 on line 730 of 
>>> "/path/to/horde/imp/lib/Imap.php"]
>>> Feb 11 06:39:36 web-ln1 HORDE: [imp] FAILED LOGIN for 
>>> username at mail.domain.tld (zzz.zzz.zzz.zzz) to 
>>> {imap://mail.domain.tld:993/} [pid 3243 on line 157 of 
>>> "/path/to/horde/imp/lib/Auth.php"]
>>> Feb 11 06:39:36 web-ln1 HORDE: [horde] FAILED LOGIN for 
>>> username at mail.domain.tld to horde (24.107.154.151) [pid 3243 on line 
>>> 199 of "/path/to/horde/login.php"]
>>>
>>> /path/to/horde/imp/config/backends.php:
>>> $servers['imap'] = array(
>>>    'disabled' => false,
>>>    'name' => 'IMAP Server',
>>>    'hostspec' => 'mail.domain.tld',
>>>    'hordeauth' => false,
>>>    'protocol' => 'imap',
>>>    'port' => 993,
>>>    'secure' => 'tls',
>>> );
>>>
>>> Dovecot is configured to expect 'PLAIN' or 'LOGIN' authentication 
>>> over TLS. I can't seem to find any documentation on setting the IMAP 
>>> authentication mechanism. But IMP doesn't seem to be passing along 
>>> incorrect credentials; it doesn't seem to be passing any credentials 
>>> at all.
>>>
>>> Thanks for your time,
>>>
>>> Alex
>>> -- 
>>> imp mailing list
>>> Frequently Asked Questions: http://wiki.horde.org/FAQ
>>> To unsubscribe, mail: imp-unsubscribe at lists.horde.org
>>
>> 1) Don't edit backends.php!
>> 2) Enable debug logs (in backends.local.php!) and check the IMAP 
>> connection logs.
>
> And are you sure you're supporting STARTTLS on port 993? By default, 
> Dovecot will accept SSL only on port 993, so the STARTTLS is never 
> offered. You probably only need to override the hostspec variable in 
> imp/config/backends.local.php:
>
>    <?php
>    $servers['imap']['hostspec'] = 'mail.domain.tld';
>
> If you really want to use port 993, you'll probably need to append the 
> following two lines:
>
>    $servers['imap']['port'] = 993;
>    $servers['imap']['secure'] = 'ssl';
>
> But the recommended solution, is to use STARTTLS on port 143 instead.
>
>
>
Thank you both for your prompt replies.

Indeed, my mail server is not configured to use STARTTLS. Perhaps I 
should explain the source of my confusion.

My mail server accepts connections encrypted with TLS (1.0, 1.1, 1.2), 
and rejects connections encrypted with SSL (2.0, 3.0). Therefore, I 
assumed that 'tls' was the correct setting. However, I see now that the 
configuration should be interpreted as follows:

// use SSL/TLS with STARTTLS
$servers['imap']['secure'] = 'tls';
// use SSL/TLS without STARTTLS
$servers['imap']['secure'] = 'ssl';

I will make a note of this for the future. Thanks for helping me resolve 
my problem.

Alex

More information about the imp mailing list